Implementing bcrypt in .NET Core 2.0

Question  Votes: 1  Answers: 1

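I'm new to Core. I created an ASP.NET Core Web Application (MVC) in Visual Studio with individual user accounts stored in-app. I created a database for the application in SQL Server, updated the connection string, and ran Update-Database in the NuGet console. I want to override the password hashing function and use bcrypt hashing instead. I was hoping to use the BCrypt-Core, BCrypt.Net - Next, or Bcrypt-Official package. But I don't know where to go from there to make sure the hashing is overridden both when a password is generated and when a user logs in. My guess is that I need to override PasswordHasher, but which methods do I need to override, and what about when a user wants to log in? Any advice/suggestions/links about the current implementation would be greatly appreciated!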

authentication hash .net-core bcrypt
1 answer
0
votes

Create a class named BCryptPasswordHasher.cs

    using System;
    using Microsoft.AspNetCore.Identity;
    using Microsoft.Extensions.Options;

    public class BCryptPasswordHasher<TUser> : PasswordHasher<TUser> where TUser : class
    {
        /// <summary>
        ///  Overrides instance of Microsoft.AspNetCore.Identity.PasswordHasher
        /// </summary>
        /// <param name="optionsAccessor">Options for the default hasher; not used by the bcrypt methods below.</param>
        public BCryptPasswordHasher(IOptions<PasswordHasherOptions> optionsAccessor = null)
        {

        }

        /// <summary>
        ///  Returns a hashed representation of the supplied password for the specified user.
        /// </summary>
        /// <param name="user">The user whose password is being hashed.</param>
        /// <param name="password">The password to hash.</param>
        /// <returns>The bcrypt hash string, which embeds the salt and work factor.</returns>
        public override string HashPassword(TUser user, string password)
        {
            return BCrypt.Net.BCrypt.HashPassword(password);
        }

        /// <summary>
        /// Returns a Microsoft.AspNetCore.Identity.PasswordVerificationResult indicating
        ///     the result of a password hash comparison.
        /// </summary>
        /// <param name="user">The user whose password is being verified.</param>
        /// <param name="hashedPassword">The hash value for a user's stored password.</param>
        /// <param name="providedPassword"> The password supplied for comparison.</param>
        /// <returns>Success if the password matches the stored hash; otherwise Failed.</returns>
        public override PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword, string providedPassword)
        {
            if (hashedPassword == null) { throw new ArgumentNullException(nameof(hashedPassword)); }
            if (providedPassword == null) { throw new ArgumentNullException(nameof(providedPassword)); }

            if (BCrypt.Net.BCrypt.Verify(providedPassword, hashedPassword))
            {
                return PasswordVerificationResult.Success;
            }
            else
            {
                return PasswordVerificationResult.Failed;
            }
        }
    }

In Startup.cs, before adding AddIdentity:

 services.AddScoped<IPasswordHasher<ApplicationUser>, BCryptPasswordHasher<ApplicationUser>>();

Thanks to Andrew Lock for getting me 90% of the way there. https://andrewlock.net/migrating-passwords-in-asp-net-core-identity-with-a-custom-passwordhasher/
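
Added example, not part of the original answer: a variant of the hasher for a database that already holds accounts hashed by the default Identity hasher, which `BCrypt.Verify` cannot parse. The class name `MigratingBCryptPasswordHasher` and the work factor of 12 are assumptions, and the code assumes the BCrypt.Net-Next package.

```csharp
using System;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;

// Hypothetical class name; assumes the BCrypt.Net-Next package.
public class MigratingBCryptPasswordHasher<TUser> : PasswordHasher<TUser> where TUser : class
{
    // Assumed cost; tune it to your hardware.
    private const int WorkFactor = 12;

    public MigratingBCryptPasswordHasher(IOptions<PasswordHasherOptions> optionsAccessor = null)
        : base(optionsAccessor) { }

    public override string HashPassword(TUser user, string password)
        => BCrypt.Net.BCrypt.HashPassword(password, WorkFactor);

    public override PasswordVerificationResult VerifyHashedPassword(
        TUser user, string hashedPassword, string providedPassword)
    {
        if (hashedPassword == null) { throw new ArgumentNullException(nameof(hashedPassword)); }
        if (providedPassword == null) { throw new ArgumentNullException(nameof(providedPassword)); }

        // bcrypt hashes start with "$2"; Identity's own hashes are Base64, which never contains '$'.
        if (!hashedPassword.StartsWith("$2", StringComparison.Ordinal))
        {
            // Row written by the default hasher: check it with the base implementation.
            var legacy = base.VerifyHashedPassword(user, hashedPassword, providedPassword);
            // On a match, ask Identity to re-hash, which stores a bcrypt hash via HashPassword above.
            return legacy == PasswordVerificationResult.Failed
                ? PasswordVerificationResult.Failed
                : PasswordVerificationResult.SuccessRehashNeeded;
        }

        try
        {
            return BCrypt.Net.BCrypt.Verify(providedPassword, hashedPassword)
                ? PasswordVerificationResult.Success
                : PasswordVerificationResult.Failed;
        }
        catch (BCrypt.Net.SaltParseException)
        {
            // Truncated or corrupted bcrypt string: fail the login instead of surfacing an exception.
            return PasswordVerificationResult.Failed;
        }
    }
}
```

It is registered the same way as the hasher in the answer. When `UserManager` checks a password and receives `SuccessRehashNeeded`, it re-hashes and saves the password, so legacy rows move to bcrypt as users log in.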
